1. Who we are
This Privacy Policy applies to Dolme SA (Pty) Ltd, trading as Dolme Innovations ("Dolme", "we", "us", "our"), a company registered in the Republic of South Africa and operating the website www.dolme.co.za and the digital health systems described on it.
Dolme Innovations is committed to protecting your personal information in accordance with the Protection of Personal Information Act 4 of 2013 ("POPIA").
2. Information Officer
Our designated Information Officer is the Managing Director of Dolme SA (Pty) Ltd. You can reach the Information Officer at info@dolme.co.za.
3. What information we collect
When you interact with this website, we may collect the following categories of personal information:
- Contact form submissions — name, organisation, work email address, area of interest, and any free-text message you provide.
- Technical metadata — your browser user-agent string and the referring URL, recorded alongside contact form submissions to help us understand how visitors find us and identify spam.
- Basic server logs — IP address, page requested, and timestamp, retained for a short period for security and operational purposes by our hosting provider.
We do not use behavioural tracking cookies, advertising trackers, or third-party analytics that profile individual visitors.
4. Why we collect it (purpose)
We process personal information for the following purposes:
- To respond to demonstration requests, partnership enquiries and other contact form submissions.
- To send you information about our integrated digital health systems where you have requested it.
- To maintain a record of who has enquired about our systems, for operational and customer-relationship purposes.
- To investigate misuse of the website (spam, scraping, abuse).
5. Legal basis for processing
We process your personal information on one or more of the following bases under POPIA:
- Consent — by submitting the contact form, you consent to us using your information to respond to your enquiry.
- Legitimate interest — to operate the website, prevent abuse, and keep a record of legitimate enquiries.
- Performance of a contract — where you are in active partnership discussions with us.
6. Who we share it with
We share personal information only with the following categories of operator, each of which is bound to process information on our instructions and to apply appropriate security safeguards:
- Supabase — our database and authentication provider, which stores contact form submissions.
- Resend — our transactional email provider, which delivers notifications and replies to your enquiries.
- Vercel — our website hosting provider.
- HostKing — our domain and email registrar.
We do not sell, rent or trade personal information. We do not share personal information with advertising networks.
7. Cross-border transfers
Some of our operators (Supabase, Resend, Vercel) may process personal information outside the Republic of South Africa. Where this happens, the information is protected by contractual safeguards aligned with POPIA's cross-border requirements.
8. How long we keep it
We retain personal information for as long as is reasonably necessary for the purposes set out above, or for longer where required by law. Typical retention periods:
- Active enquiries and partnerships: for the duration of the relationship and a reasonable period thereafter.
- Inactive enquiries: deleted on request, or reviewed periodically and removed where no longer needed.
- Server logs: short-term, in line with our hosting provider's standard retention.
You may request deletion of your information at any time (see Your Rights below).
9. How we protect it
We apply technical and organisational security measures appropriate to the sensitivity of the information, including:
- Encryption in transit (HTTPS / TLS) for all website traffic.
- Encryption at rest at the database layer.
- Row-level security on the database table holding contact form submissions, so that website data is isolated from any clinical data held in other systems.
- Restricted internal access on a need-to-know basis.
10. Your rights under POPIA
You have the right, under POPIA, to:
- Be notified that personal information about you is being collected and processed.
- Request access to the personal information we hold about you.
- Request that we correct or delete inaccurate, irrelevant, excessive, out-of-date, misleading or unlawfully obtained information.
- Object to the processing of your personal information.
- Object to direct marketing by unsolicited electronic communication.
- Withdraw consent at any time where processing relies on consent.
- Lodge a complaint with the Information Regulator.
To exercise any of these rights, email info@dolme.co.za.
11. Cookies
Our website uses only the technical cookies and local storage that are strictly necessary to operate the site (for example, to remember whether your browser supports modern features). We do not use third-party advertising or behavioural tracking cookies.
12. Information Regulator
If you are not satisfied with how we handle your personal information, you have the right to lodge a complaint with the Information Regulator of South Africa:
The Information Regulator (South Africa)
JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
Email: inforeg@justice.gov.za
Website: inforegulator.org.za
13. Changes to this Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page indicates when the policy was last revised. Material changes will be communicated where reasonable and proportionate.
14. Contact us
For any questions about this Privacy Policy or how we handle your personal information:
- Email: info@dolme.co.za
- Partnership enquiries: partnership@dolme.co.za